<div class="intro">
<p>The goal of this guide is to make it easy to set up email encryption on your computer. Once you've finished, you'll be able to send and receive emails that are coded to make sure that a surveillance agent or thief can't intercept your email and read it. </p>
<!--<p>You'll also be able to sign emails to show reliably that they are from you. Though the need for signing may be less obvious, you'll actually do it more often.</p>-->
- <p>All you need is a computer with an Internet connection, and email account and about half an hour. You can use your existing email account for this without affecting it.</p>
+ <p>All you need is a computer with an Internet connection, an email account and about half an hour. You can use your existing email account for this without affecting it.</p>
<p>This guide relies on software which is freely licensed; it's completely transparent and anyone can copy it or make their own version. This makes it safer from surveillance than proprietary software (like Windows). Learn more about free software at <a href="https://u.fsf.org/ys">fsf.org</a>.</p>
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<div id="step-2a" class="step">
<div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/placeholders/placeholder.png" alt="Placeholder" /></p>
+ <p><img src="//static.fsf.org/nosvn/enc-dev0/img/screenshots/step2a-01-make-keypair.png" alt="Step 2.A: Make a Keypair" /></p>
</div><!-- /.sidebar -->
<div class="main">
<h3><em>Step 2.a</em> Make a keypair</h3>
- <p>In your email program's menu, select OpenPGP -> Setup Wizard. You don't need to read the text in the window that pops up unless you'd like to, but it's good to read the text on the later screens of the wizard.</p>
+ <p>In your email program's menu, select OpenPGP → Setup Wizard. You don't need to read the text in the window that pops up unless you'd like to, but it's good to read the text on the later screens of the wizard.</p>
<p>On the second screen, titled "Signing," select "No, I want to create per-recipient rules for emails that need to be signed."</p>
<p>Use the default options until you reach the screen titled "Create Key".</p>
<p>On the screen titled "Create Key," pick a strong password! Your password should be at least 8 characters and include at least one lower case and upper case letter and at least one punctuation mark. Don't forget it, or all this work will be wasted!</p>
<p>The program will take a little while to finish the next step, the "Key Creation" screen. While you wait, do something else with your computer, like watching a movie or browsing the Web. The more you use the computer at this point, the faster the key creation will go.</p>
- <p>When the OpenPGP Confirm screen pops up, select Generate Certificate and choose to save it in a safe place on your computer (we recommend making a folder called "Revocation Certificate" in your home folder and keeping it there. You'll learn more about the revocation certificate in Section 5. The setup wizard will ask you to move it onto an external device, but that isn't necessary at this moment.</p>
+ <p>When the OpenPGP Confirm screen pops up, select Generate Certificate and choose to save it in a safe place on your computer (we recommend making a folder called "Revocation Certificate" in your home folder and keeping it there. You'll learn more about the revocation certificate in <a href="#section5">Section 5</a>. The setup wizard will ask you to move it onto an external device, but that isn't necessary at this moment.</p>
<p class="highlight">After creating your key, the Enigmail set-up wizard automatically uploaded it to a keyserver, an online computer that makes everyone's keys available through the Internet.</p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
</div><!-- /.sidebar -->
<div class="main">
<h3><em>Step 4.a</em> Sign a key</h3>
- <p>In your email program's menu, go to OpenPGP -> Key Management.</p>
+ <p>In your email program's menu, go to OpenPGP → Key Management.</p>
<p>Right click on Adele's public key and select Sign Key from the context menu.</p>
<p>In the window that pops up, select "I will not answer" and click OK.</p>
- <p>In your email program's menu, go to OpenPGP -> Key Management -> Keyserver -> Upload Public Keys and hit OK.</p>
+ <p>In your email program's menu, go to OpenPGP → Key Management → Keyserver → Upload Public Keys and hit OK.</p>
<p class="highlight">You've just effectively said "I trust that Adele's public key actually belongs to Adele." This doesn't mean much because Adele isn't a real person. Before signing a real person's key, always make sure it actually belongs to them, and answer honestly in the window that pops up and asks "How carefully have you verified that the key you are about to sign actually belongs to the person(s) named above?".</p>
<p class="highlight">It's important to take keysigning seriously because it will affect people beyond just you and the person who's key you are signing. If someone doubts that a key actually belongs to the person that is says it does, they can go on a keyserver and see the number of signatures that it has. The more it has, the more they are likely to trust it.</p>
<p class="highlight">The Web of Trust takes this concept to the next level. It is a network of key signatures that is saved in keyservers on the Internet. It builds chains of trust between individuals that do not know each other by passing through others, a bit like the famous <a href="http://en.wikipedia.org/wiki/Six_degrees_of_separation">"six degrees of separation" game</a>. You don't need to understand it in detail to use email encryption, but it will become a powerful tool if you become an advanced user.</p>
projects / enc-live.git / commitdiff